Monthly Archives: June 2016

Since mid June 2016 I’m experiencing issues with my OneDrive for Business account and my next generation OneDrive app, where an error message is raised “Your OneDrive has not been setup”, like this:

This happens on my laptop (Windows 10) and on my Desktop PC (Windows 8.1). The strange thing is that it’s not consistent. Sometimes it works on one machine, sometimes on the other machine.

Tried resetting the OneDrive for business client using the following command:

%localappdata%\microsoft\onedrive\onedrive.exe /reset

But this didn’t work. When starting the OneDrive for Business client without the /reset option, it starts and wants to know which library do you want to sync:

Still no luck.

Reinstalled my laptop with Windows 10 Enterprise (April 2016 update, had to do this anyway) and joined it to Azure Active Directory. OneDrive for business worked for 24 hours, and then started again raising the error as shown in the first screenshot.

The best option however is to check the Microsoft portal (https://portal.office.com) with your tenant administrator account and check the Service Health page.

Where it states:

Service restored – Jun 29, 2016 12:38 PM

Final Status: Redirecting requests to an alternate infrastructure remediated impact. We’ve added more capacity and have rebalanced the service to avoid recurrence of this issue.

User Impact: Users may have been unable to sign in to OneDrive for Business when using the Next Generation Sync Client, and they may receive an error which states, “Your OneDrive has not been setup”. While we were focused on remediation, users may have been able to access the service using the OneDrive for Business website as an alternative method.

Scope of Impact: A few customers reported this issue, and our analysis indicated that impact was specific to a subset of your users.

Start Time: Tuesday, June 28, 2016, at 7:05 AM UTC

End Time: Tuesday, June 28, 2016, at 11:00 PM UTC

Preliminary Root Cause: The Next Generation Sync Client was encountering intermittent errors from a dependent component that handles user and service provisioning.

So, after a couple of days it turns out that this is a capacity planning issue at Microsoft, and the only thing I can do is wait until it’s working again.

The good news is that I can access the data online via the portal (logon using your normal user account) and continue working. The bad news is however that this is not something you can expect from a serious provider like Microsoft L

In earlier blog post I explained how to create user account on-premises and accompanying Mailboxes in Office 365. This is possible with or without an Exchange server on-premises. The latter works, but it’s not supported.

There are also scenarios where you have cloud identities in Office 365 that you want to connect to user accounts in an on-premises Active Directory, so basically converting the cloud identity to a synced identity. This is a common scenario for example when moving from one tenant in Office 365 to another tenant, of maybe when moving from Groupwise or Notes to Office 365.

Suppose we have a cloud identity in Office 365 for a user named Chong Kim, he has an E3 license, a username ckim@exchangelabs.nl and this is also his primary SMTP address.

Recently I had one of these head scratching moments…. We were connecting an on-premises Active Directory (approx. 80,000 objects) to Office 365 using Azure AD Connect. We had a list of OU’s that was supposed to be synchronized with Office 365 and after running the Azure AD Connect wizard all objects in the corresponding OU’s were synchronized to Office 365.

The next day we got feedback from the organization the wrong OU’s were synchronized and that we had to select different OU’s (we configured the OU’s correctly, but the list we got was not correct).

When you deselect an OU in the Synchronization Service Manager (miisclient.exe in the C:\Program Files\Microsoft Azure AD Sync\UIShell directory as shown in the following screenshot) you would expect that all objects in this OU are no longer synchronized and would disappear in Office 365.

When you delete user accounts from Office 365 (en thus Azure Active Directory) these accounts are not permanently deleted, but they are kept in a Deleted Users container for 30 days. This is not only true for cloud users that are deleted in the Microsoft Online Portal, but also for synced users that are deleted in your on-premises Active Directory.

Although you can see the deleted users in the Microsoft Online Portal, there’s no way to permanently delete them here.

The solution is to use the Azure Active Directory Module for PowerShell, using PowerShell you can actually permanently delete these user account.

To retrieve a list of all users in the Deleted Users container open Azure Active Directory PowerShell and execute the following command:

Connect-MSOLService
Get-MsolUser -ReturnDeletedUsers

To permanently remove these user accounts you can use the same command, but pipe the output of the command into the Remove-MsolUser -RemoveFromReclycleBin command. You can add the -Force option to bypass the confirmation of each user deletion (i.e. the ‘Are you sure? Yes[y], No[n]’ message).

Now when you execute the Get-MsolUser -ReturnDeletedUsers command you’ll see the all users are permanently removed.

Please be careful, once permanently removed there’s no way to restore the user accounts!

In my previous blog post I explained how to manage your Email attributes in Office 365 by directly editing the Exchange attributes in your on-premises Active Directory. This works fine, but it is not recommended nor is it supported by Microsoft.

In this blogpost I’ll discuss how to add an Exchange server on-premises (or keep the last Exchange server when you’ve moved all Mailboxes to Office 365 for that matter) and manage your Exchange Online environment properly.

Exchange Server on-premises

So, what options do you have? Add an Exchange server on-premises, or keep one of the existing (hybrid) Exchange servers for management purposes. Since this is a green field Active Directory, and there’s no Exchange server on-premises you can use the free Microsoft Hybrid License to for this management server. For additional details on this free Exchange license you can check the Microsoft knowledgebase article KB2939261: https://support.microsoft.com/en-us/kb/2939261.